评论

微信api加密验签模块不完善,demo不完善,报错信息不完善

2023-07-12
390浏览
0评论

微信api加密验签模块不完善,demo不完善,报错编码在编码表中找不到

因为使用到了同城配送,不得不接入api安全,但是文档逻辑描述很不清晰、极其跳跃。想着文档不清晰无所谓,看demo呗,我自身使用的是php,提供的demo只有 java、node.js的。

没办法只能根据node.js的demo,自己来完成php代码,写完之后发现总是报错 ,在同城配送中 报错代码是934001,查阅错误码表,没有这个错误码,咱又大胆猜想想会不会是同城配送的接口自身有问题。又换了一个 查询用户风险等级的接口,也报错,报错代码是 48001,这个错误码也没找到 ,咱就是说能不能详细一些...

此外吧,在社区中发文,也没有官方回复,太难了

下面是我的代码,我检查了10遍也没看到有啥问题,光返回错误码:

因为使用到了同城配送,不得不接入api安全 '',
        'url' => 'https://api.weixin.qq.com/wxa/getuserriskrank',
        'local_sn' => '',
        'local_key' => '',
        'store_id' => '',
        'out_store_id' => '',
        'openid'=>'',
        "scene"=> 0,
        "client_ip"=>''
    ];
    private $key = [
        'sn' => '',
        'key' => '-----BEGIN RSA PRIVATE KEY-----
省略
-----END RSA PRIVATE KEY-----'
    ];

    public function actionTest()
    {
        $param = $this->param;
        $accessToken = WxDelivery::getAccessToken();
        $url = $this->param['url'] . "?access_token=" . $accessToken;
        $newRe = $this->getRequestParam();
        $signature = $this->getSignature($newRe);
        $headerArray = ['Wechatmp-Appid' => $param['app_id'], 'Wechatmp-TimeStamp' => $newRe['ts'], 'Wechatmp-Signature' => $signature];
        $data = WxDelivery::curlPost($url, $newRe['reqData'], $headerArray);
        var_dump($data);
    }

    public function getRequestParam()
    {
        $param = $this->param;
        $param['local_key'] = base64_decode($param['local_key']);
        // $req = ['store_id' => $param['store_id'], 'out_store_id' => $param['out_store_id']];
        $req = ['appid' => $param['app_id'], 'openid' => $param['openid'],'scene'=>$param['scene'],'client_ip'=>$param['client_ip']];
        $time = time();
        //16位随机字符串
        $nonce = rtrim(base64_encode(random_bytes(16)), '=');
        $addReq = ["_n" => $nonce, "_appid" => $param['app_id'], "_timestamp" => $time];
        $realReq = array_merge($addReq, $req);
        $realReq = json_encode($realReq);
        //额外参数
        $aad = $param['url'] . "|" . $param['app_id'] . "|" . $time . "|" . $param['local_sn'];
        //12位随机字符
        $iv = random_bytes(12);
        $cipher = openssl_encrypt($realReq, "aes-256-gcm", $param['local_key'], OPENSSL_RAW_DATA, $iv, $tag, $aad);
        $iv = base64_encode($iv);
        $data = base64_encode($cipher);
        $authTag = base64_encode($tag);
        $reqData = ["iv" => $iv, "data" => $data, "authtag" => $authTag];
        return ['ts' => $time, 'reqData' => json_encode($reqData)];

    }

    public function getSignature($newRe)
    {
        $param = $this->param;
        $keys = $this->key;
        $time = $newRe['ts'];
        $url = $param['url'];
        $appId = $param['app_id'];
        $reqData = $newRe['reqData'];
        $payload = "$url\n$appId\n$time\n$reqData";
        $key = openssl_pkey_get_private($keys['key']);
        $signature = '';
        $payload = hash('sha256', $payload, true);
        openssl_sign($payload, $signature, $key, OPENSSL_ALGO_SHA256);
        openssl_free_key($key);
        return base64_encode($signature);
    }


}



最后一次编辑于  2023-07-12  
点赞 0
收藏
评论
登录 后发表内容
作者介绍

文章标签